Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/s9Phn4LRxq3qJKp5WG1zCsRMWlc.roa
File: s9Phn4LRxq3qJKp5WG1zCsRMWlc.roa (raw, json)
Hash identifier: 5LFQTKOZRBYzOCfam8/FRn4XdqXt/6yCH7PjQq7YFwE=
Subject key identifier: B3:D3:E1:9F:82:D1:C6:AD:EA:24:AA:79:58:6D:73:0A:C4:4C:5A:57
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 0194282690729A77BCA73943977721E6BF68
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/s9Phn4LRxq3qJKp5WG1zCsRMWlc.roa
Signing time: Thu 02 Jan 2025 17:53:23 +0000
ROA not before: Thu 02 Jan 2025 17:53:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197019
IP address blocks: 31.31.72.0/21 maxlen: 24
37.157.192.0/21 maxlen: 24
46.28.104.0/21 maxlen: 24
46.28.104.141/32 maxlen: 32
89.221.208.0/20 maxlen: 24
185.8.236.0/22 maxlen: 24
2a02:2b88::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:90:72:9a:77:bc:a7:39:43:97:77:21:e6:bf:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Jan 2 17:53:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3d3e19f82d1c6adea24aa79586d730ac44c5a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:00:00:15:19:03:69:ae:77:c6:c3:e2:fa:2c:
38:a0:ac:8b:9f:a5:49:c0:9e:3d:60:58:96:c2:49:
aa:d9:f7:c5:2f:9c:90:04:21:0a:8f:e5:5f:5c:5c:
30:2a:5f:ca:c9:0c:a9:3a:0f:cb:b9:b9:b5:72:e9:
5c:b0:92:6c:7b:98:b2:63:82:8b:be:34:ff:96:28:
53:e0:46:f7:d8:04:ea:79:f2:9f:4b:82:34:ed:66:
8e:aa:46:a5:15:28:8d:df:63:fa:b3:26:e1:0e:3e:
7b:51:73:9a:ab:b9:2a:42:62:aa:e4:64:49:35:90:
f5:b3:e4:73:7a:40:eb:0b:d1:f2:23:e4:4d:6c:b3:
92:cd:0d:89:dd:57:1d:56:b7:07:43:22:9f:fa:42:
76:fd:57:24:62:79:90:1f:69:ef:94:b8:96:c6:7d:
63:ec:9a:18:42:1a:de:c1:ed:69:77:0d:bf:25:dd:
c6:7d:6a:4d:7c:b2:3b:dc:2d:72:30:e2:2b:8e:10:
fe:62:b7:1c:78:42:c2:51:15:1f:be:a9:35:5e:3a:
7b:42:d4:5e:5d:e8:69:65:74:2d:31:4a:c4:a4:1c:
5d:aa:b3:0f:8e:7b:ed:4f:5e:93:d4:94:7d:5c:6d:
70:3b:6c:94:29:ac:a6:7f:45:0e:f6:7e:7b:57:c2:
dd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D3:E1:9F:82:D1:C6:AD:EA:24:AA:79:58:6D:73:0A:C4:4C:5A:57
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/s9Phn4LRxq3qJKp5WG1zCsRMWlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.72.0/21
37.157.192.0/21
46.28.104.0/21
89.221.208.0/20
185.8.236.0/22
IPv6:
2a02:2b88::/32
Signature Algorithm: sha256WithRSAEncryption
7a:56:0e:37:57:7e:9a:47:f2:fe:cb:a3:d9:7d:31:46:05:4f:
2e:41:64:12:59:b2:aa:1e:03:cd:d8:79:32:b0:45:99:55:dd:
79:d3:cc:9a:07:f2:99:57:87:64:b3:ef:24:c9:89:4a:f7:36:
f2:af:a9:bf:85:76:7d:fc:35:00:83:78:4d:aa:a8:4d:77:48:
d2:c3:35:db:58:fb:cb:c4:40:13:a6:0f:81:10:0f:2a:7f:0f:
f5:a2:68:2b:f4:cb:d6:ad:49:7c:b2:a5:eb:f8:50:e6:29:48:
4b:fa:e9:68:f6:44:c1:48:89:ab:23:68:a0:ee:14:56:2f:84:
72:c3:2f:c6:f9:d4:3a:b9:70:34:5a:15:13:8d:e9:fb:7e:1d:
66:b8:dc:8c:42:af:f4:07:67:ef:87:e1:8a:7d:1f:4b:94:a4:
7c:be:a0:87:f5:08:ee:55:b3:c1:09:4b:f1:50:99:80:47:a6:
46:eb:18:42:ae:5d:2c:8b:1d:59:dd:e4:5c:95:41:72:fb:68:
1e:a9:25:24:f4:2d:65:cc:f1:8a:11:fa:87:eb:f6:41:20:c6:
03:d3:90:7c:e6:22:73:ef:f6:76:56:42:a5:05:a1:8f:c0:3a:
bb:b2:51:d2:12:91:0b:ce:5a:f0:b9:48:bb:39:45:91:8e:f6:
6b:98:c2:b0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQoJpBymne8pzlDl3ch5r9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjUwMTAyMTc1MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2QzZTE5ZjgyZDFjNmFkZWEyNGFhNzk1ODZkNzMwYWM0NGM1YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwAAFRkDaa53xsPi+iw4oKyLn6VJ
wJ49YFiWwkmq2ffFL5yQBCEKj+VfXFwwKl/KyQypOg/Lubm1culcsJJse5iyY4KL
vjT/lihT4Eb32ATqefKfS4I07WaOqkalFSiN32P6sybhDj57UXOaq7kqQmKq5GRJ
NZD1s+RzekDrC9HyI+RNbLOSzQ2J3VcdVrcHQyKf+kJ2/VckYnmQH2nvlLiWxn1j
7JoYQhrewe1pdw2/Jd3GfWpNfLI73C1yMOIrjhD+YrcceELCURUfvqk1Xjp7QtRe
XehpZXQtMUrEpBxdqrMPjnvtT16T1JR9XG1wO2yUKaymf0UO9n57V8LdGQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLPT4Z+C0cat6iSqeVhtcwrETFpXMB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvczlQaG40TFJ4cTNxSktwNVdHMXpDc1JNV2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHx9IAwQD
JZ3AAwQDLhxoAwQEWd3QAwQCuQjsMA0EAgACMAcDBQAqAiuIMA0GCSqGSIb3DQEB
CwUAA4IBAQB6Vg43V36aR/L+y6PZfTFGBU8uQWQSWbKqHgPN2HkysEWZVd1508ya
B/KZV4dks+8kyYlK9zbyr6m/hXZ9/DUAg3hNqqhNd0jSwzXbWPvLxEATpg+BEA8q
fw/1omgr9MvWrUl8sqXr+FDmKUhL+ulo9kTBSImrI2ig7hRWL4Rywy/G+dQ6uXA0
WhUTjen7fh1muNyMQq/0B2fvh+GKfR9LlKR8vqCH9QjuVbPBCUvxUJmAR6ZG6xhC
rl0six1Z3eRclUFy+2geqSUk9C1lzPGKEfqH6/ZBIMYD05B85iJz7/Z2VkKlBaGP
wDq7slHSEpELzlrwuUi7OUWRjvZrmMKw
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:17 2025 by rpki-client